We have 2 servers - windows 2003 & 2008(DC), 40 workstations, 12 printers - various models, 2 switches in server room and a few minor switches around building. All internet is accessed through a couple of routers and a sonicwall TZ210 as our firewall. Everything is hardwired on a cat5 lan, wireless is disabled.

Our issue is the internet will be running fine and then sometimes - not always the same time it will run slow and dip out.

We don't appear to lose our adsl, it would seem to be an internal problem.

It would seem to be a bottleneck thats caused maybe by some hardware failure.

7 Replies

Wow, ADSL. Sorry to hear that. You can look at the Sonicwall connection monitor to see if there is an IP flooding traffic on the unit. Maybe someone decided to start streaming and are eating up some of the bandwidth.

Edit: I recently had something similar and it turned out to be an outside person's email sending a 17MB email every 20 seconds and saturating our T1.

You need to get an insight into what is going on in your network. In order to do this you need to see your bandwidth usage and yo may even have to dig deeper by looking at actual packet captures. If you have a fully managed infrastructure and Spiceworks or a well documented network infrastructure I would recommend you start by setting up an SNMP collector, I recommend CACTI and monitor all your managed network equipment. This will allow you to see the data traversing each port on the devices as well as packet errors and dropped packets. If you do not have a fully managed infrastructure, or you want additional information such as bandwidth by IP and type of traffic I would recommend setting up bandwidthD. bandwidthD is a promiscuous collector and will need to be placed in a location that it can see all the traffic you want to monitor, this generally will be the link between the LAN and the router to the Internet and it will be put in place by a network tap or mirrored switch port. Here is a HOW-TO link for bandwidthD http://community.spiceworks.com/how_to/show/1261%C2%A0;

Finally if you identify a problem and need more in depth analysis as to what is going on and causing an issue you might deploy wireshark to do packet captures and actually see the data itself.

There are many good approaches provided here, assuming it's a problem detectable with a managed device being watched with a suitable polling interval. If it's an issue due to traffic caused by user activity Netflow visibility will help you. Many of our customers in similar situations also consider the performance history of a measured WAN path between a LAN device and a target across the Internet.

We've seen particularly on asymmetric broadband links such as aDSL issues such as rate limiting and other impairments that are both transient and apply to traffic in one direction vs. another. I've included a screenshot of this from PathView Cloud. The path in question is monitored 24x7 at 60 second intervals between a local microAppliance and a target hosted in a remote data center. You can see packet loss impacting performance on the upload link but not download. The direction could vary here, but the theme is common. Impairments such as loss and jitter can be caused by heavy utilization outside of the traditional managed devices.